System and method for regulating barcode data injection into a running application on a smart device

ABSTRACT

A system and method for regulating the injection of barcode scan data into an application running on a smart device is provided. The system includes a running application on a smart device. The running application has text fields with text field properties. The text field properties designate to either accept access or restrict access to the text fields from barcode scan data. The system further includes a keyboard buffer and a scan wedge having access to the keyboard buffer. The scan wedge is provided with means to discriminate between access and restricted access designations in the text field properties. The means to discriminate is configured to interrogate the text field properties to determine if the text field permits access to barcode scan data. The scan wedge is also configured to begin a barcode scan operation if the text field permits access to barcode scan data and to load barcode scan data into the keyboard buffer. The keyboard buffer is configured to display the barcode scan data as text in the text field of the application. The scan wedge is provided with logic to recognize patterns in barcode scan data. The scan wedge is configured to inspect the barcode scan data for regular patterns consistent with malicious attacks and if present, is configured to instruct the keyboard buffer to insert an error message in the running application.

FIELD OF THE INVENTION

The present invention relates to mobile devices and barcode scanning, and in particular to protecting applications from SQL injection during barcode scanning operations.

BACKGROUND

Generally speaking there are many Smartphone and mobile device applications that require the ability to scan a barcode. In order for a developer to add barcode scanning capability to their application, developers quite frequently rely on a third party software development kit (SDK). The SDK must be integrated into their application. This only gives the user access to barcode scanning from within that particular application. If a user wants a universal method of scanning barcodes for data entry across all their applications, even for applications written by a third party, the solution is more complicated.

Sometimes a keyboard wedge style application is used to facilitate universal scanning in any application by keeping a background service running that responds to a particular key press. When the service detects this key press, it brings up the barcode scanner and inserts the resultant scan data into the keyboard buffer so that it is inserted at the cursor as text in whichever application has focus at the moment.

A keyboard wedge can be either a software program or an inserted hardware device that translates digital signals from a barcode reader or magnetic strip reader into keyboard strokes for a computer, smartphone, or mobile device. The software form of a keyboard wedge intercepts the digital signals from the reader when they arrive at the computer and instantly translates them into keyboard strokes. Data sent through a wedge appears as if it was typed into the device, while the keyboard itself remains fully functional. Because an application running on a computer or a mobile device using a keyboard wedge cannot tell the difference between data that is entered by a scanning device or data that is entered by keyboard typing, a wedge can be used to easily add barcode reading capability to an existing device without modifying software applications.

Today, many Smartphone operating systems allow you to create custom software keyboards (software input panels) which are sometimes used to add a barcode scanning button and associated scan wedge functionality. When the custom keyboard is loaded, if the user wants to enter barcode data into a text field they simply open the software keyboard, hit the scanner button, scan the barcode and the result is placed in the text field that has focus.

Each of these types of keyboard wedges or scan wedge applications do not care what fields they enter data into, assuming they are editable. The applications cannot discriminate which fields scan wedge data is allowed in. This is because the application cannot differentiate between scan wedge data and actual keyboard data. This can be a security risk as barcode data could contain malicious code injection attacks (e.g. SQL Injection) disguised as valid data, which could seriously compromise application data.

SQL Injection is a code injection technique, where malicious software is used to attack data-driven applications. Typically statements are inserted into an entry field for execution, for example to dump the database contents of a running application to the malicious attacker. SQL injection attacks are considered one of the top vulnerabilities on the internet.

Therefore, a need exists for system to scan barcodes into applications running on smartphones or mobile devices with the functionality and flexibility of a scan wedge while regulating the data the running application is exposed to from a barcode scan.

SUMMARY

Accordingly, in one aspect, the present invention embraces a system for regulating the injection of barcode scan data into an application running on a smart device. In the present invention a smart device may be a smartphone or a tablet. For purposes of the present invention, a smart device has a central processing unit, barcode scanning operation capability, a viewfinder, and an embedded camera. The smart device also includes a visual display and a keypad. As known in the art, a custom software input panel keypad is provided with a barcode scanning key. Additionally, the smart device has an operating system, is wireless communication enabled, and has other features commonly found on smart devices. These components of the smart device are communicatively linked.

In an exemplary embodiment, the system comprises a running application on a smart device. The running application has text fields. Each of the text fields has text field properties. The text field properties are designated to either accept access or restrict access to each of the text fields from barcode scan data. The system also comprises a keyboard buffer and a scan wedge. The scan wedge has access to the keyboard buffer. The scan wedge is further provided with means to discriminate between access and restricted access designations in the text field properties. The means to discriminate are configured to interrogate the text field properties to determine if the text field permits access to barcode scan data. The scan wedge is also configured to begin a barcode scan operation if the text field permits access to barcode scan data. The scan wedge is further configured to load barcode scan data into the keyboard buffer. The keyboard buffer is configured to display the barcode scan data as text in the text field of the application.

In another exemplary embodiment, the scan wedge is provided with logic to recognize patterns in barcode scan data. The scan wedge is configured to inspect the barcode scan data for regular patterns consistent with malicious attacks. The scan wedge is configured to instruct the keyboard buffer to insert an error message in the running application if the regular patterns are found.

In yet another exemplary embodiment of the system, at least one of the text field properties is a readable property of the text field. The readable property has associated values which describe attributes of the text field. The attributes designate whether access to the text field is permitted or not permitted. The scan wedge is provided with the value of the readable property. The property and the associated property are a value pair. The scan wedge is configured to look for the value pairs of the text field property. The scan wedge is further configured to begin the barcode scan operation only if the value pair on the text property corresponds to the value pair provided on the scan wedge.

In another exemplary embodiment of the system, the readable property describes the text field and is selected from an id, a name, a tag, and other descriptor properties.

In another exemplary embodiment of the system, the means to discriminate is accomplished with programming techniques selected from reflection and introspection.

In yet another exemplary embodiment of the system, the scan wedge is configured to close if the text field restricts access to barcode scan data.

In another exemplary embodiment of the system, the scan wedge is configured to load an error message in the keyboard buffer if the text field restricts access to barcode scan data. The keyboard buffer is then configured to display the error message in the text field of the running application.

In yet another exemplary embodiment of the system, the means to discriminate comprises a white list and a black list provided on the scan wedge. The text field properties are values either on the white list or on the black list. Values on the white list designate permitted access to the text field by barcode scan data; values on the black list designate restricted access to the text field by barcode scan data. The scan wedge is configured to interrogate the text field properties and identify whether the text field property values are on the white list or on the black list.

In yet another exemplary embodiment of the system, the application is native on the smart device.

In yet another exemplary embodiment of the system, the application is a web application running in a browser on the smart device.

In another aspect, the present invention embraces a method of regulating the injection of barcode scan data into a running application on a smart device. The smart device, for the purposes of the present invention may be a smartphone or a tablet. In addition, as known in the art, a smart device will generally have a central processing unit, barcode scanning operation capability, a viewfinder, and an embedded camera. The smart device also includes a visual display and a keypad. As known in the art, a custom software input panel keypad is provided with a barcode scanning key. Additionally, the smart device has an operating system, is wireless communication enabled, and has other features commonly found on smart devices. These components of the smart device are communicatively linked.

In an exemplary embodiment of the invention the method comprises the steps of: running an application on a smart device, the application having at least one text field, the text field having text field properties, the text field properties designate whether bar code scan data is permitted or not permitted in the text field; inspecting the running application with a scan wedge; finding the text field within the application having focus with the scan wedge; reviewing and cross-referencing properties of the text field with the scan wedge; determining if barcode data can be deposited in the text field based on the properties reviewed.

In another exemplary embodiment, the method further comprises the step of: commencing a barcode scan if the determining step shows that barcode data is permitted.

In another exemplary embodiment, the method further comprises the steps of: inspecting barcode scan data for regular patterns of malicious attacks; loading the barcode scan data into the keyboard buffer; inserting the barcode scan data as text in the text field of the running application if no regular patterns are found in the inspecting barcode scan data step; and displaying an error message if regular patterns are found in the inspecting barcode scan data step.

In yet another exemplary embodiment, the method further comprises the step of: closing the scan wedge application if the determining step shows that barcode data is not permitted.

In another exemplary embodiment of the invention, the method further comprises the step of: displaying an error message.

In another exemplary embodiment of the method, the scan wedge is provided with programming capabilities selected from reflection and introspection, and wherein the inspecting step, the finding step, and the reviewing step are accomplished using the programming techniques.

In yet another exemplary embodiment of the method, the scan wedge is provided with logic, and the inspecting barcode scan data step is accomplished using the logic.

In another exemplary embodiment of the method the scan wedge is provided with a white list and a black list. The text field properties are values either on the white list or on the black list. Values on the white list designate permitted access to the text field by barcode scan data, and values on the black list designate restricted access to the text field by barcode scan data. The reviewing step is accomplished by cross-referencing the text field property values with the white list and black list on the scan wedge.

In another exemplary embodiment of the method, the barcode data can be deposited in a text field if the determining step shows the text field property value is on the white list of the scan wedge.

In yet another exemplary of the method, the barcode data cannot be deposited in a text field if the determining step shows the text field property value is on the black list of the scan wedge.

The foregoing illustrative summary, as well as other exemplary objectives and/or advantages of the invention, and the manner in which the same are accomplished, are further explained within the following detailed description and its accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 schematically depicts a smart device with components of the system of the present invention installed on the smart device.

FIG. 2 schematically depicts one embodiment of the system wherein a barcode scan is permitted.

FIG. 3 schematically depicts one embodiment of the system wherein a barcode scan is not permitted.

FIG. 4 schematically depicts a flowchart of the steps to carry out the method of regulating the injection of barcode scan data into a running application on a smart device in accordance with one embodiment of the present invention.

DETAILED DESCRIPTION

The present invention embraces a system for regulating the injection of barcode scan data into an application running on a smart device. The smart device may be a smart phone, tablet, or the like. Generally, a smart device proper to the present invention will have certain components as depicted schematically in FIG. 1. Referring to the Figure, a smart device (5) would have the following components: a computer processing unit (CPU) (6), and operating system (7), a wireless communication system (8), barcode scan software (9), a bus (10) which enables the components to be communicatively linked, a viewfinder (11), which would appear on the visual display (13), and an embedded camera (12). All the heretofore components are communicatively linked via the system bus (10). The smart device (5) may have many other components, as is known in the art. The smart device (5) has the capability of running native or resident applications and of running applications on a browser from the internet or the web, accessed by the wireless communication system (8).

In an exemplary embodiment, the smart device (5) is further provided with a keyboard wedge or scan wedge (21) application, which communicatively linked to the other components of the smart device (5). The scan wedge (21) application is enabled through a custom software input panel (20). The custom software input panel (20) preferably has a barcode scan key (not shown) which when touched would activate the scan wedge application (21). The scan wedge (21) has access to a keyboard buffer (22). The keyboard buffer (22) can insert data, such as barcode scan data, as text in a running application on the smart device (5). The scan wedge (21) is preferably provided with programming techniques such as reflection or introspection (not shown) in order to interrogate a running application on the smart device (5). Further, the scan wedge (21) is preferably provided with logic to recognize patterns in barcode scan data. Malicious code injection attacks (SQL injection) often have regular patterns which can be detected by logic.

Reflection is a programming technique known in the art which can be used for observing and/or modifying an application execution at runtime. A reflection-oriented application component can monitor the execution of an enclosure of code and can modify itself according to a desired goal related to that enclosure. This is typically accomplished by dynamically assigning program code at runtime.

Introspection is a programming technique known in the art, which is the ability of a program or an application to examine the type or properties of an object or application at runtime.

In one exemplary embodiment the invention, a system for regulating the injection of barcode scan data into an application running on a smart device is provided and schematically depicted in FIG. 2. Referring now to FIGS. 2, in conjunction with the smartphone (5) depicted in FIG. 1, the system (30) comprises a running application (32) on the smart device (5). The application (32) may be resident on the smartphone (5), or may be an application viewed on a web browser on the smart device (5). The application has at least one text field (34). The text field (34) has text field properties (36). The text field properties (36) are designated to either accept access or restrict access to each of the text fields from barcode scan data. The system further comprises a keyboard buffer (22). The system further comprises a scan wedge (21) which has access to the keyboard buffer (22). The scan wedge (21) is provided with means to discriminate between access and restricted access designations in the text field properties (36). The means to discriminate are configured to interrogate (the interrogation shown as broken line 25) the text field properties (36) to determine if the text field (34) permits access to barcode scan data. The scan wedge (21) is configured to begin a barcode scan operation (26) if the text field (34) permits access to barcode scan data. The scan wedge (21) is further configured to load barcode scan data into the keyboard buffer (22); and the keyboard buffer (22a) is configured to display the barcode scan data as text in the text field (34) of the running application (32).

In another exemplary embodiment, before the scan wedge (21) loads barcode scan data into keyboard buffer (22), the scan wedge (21) is configured to use logic (27) to inspect the barcode scan data for regular patterns consistent with malicious attacks.

SQL injection attacks may exhibit regular patterns of code. For example, the malicious attack may try to pull records in an application. Next, the malicious attack uses code to set database properties or usernames as variables and block legitimate queries. With true statements in code, the attack co-opts the username (made variable before) for authentication. Finally, once in, the attacks instruct the application to dump its database to the malicious attacker. These steps have known patterns.

The logic (27) recognizes the presence or absence of these regular patterns. The logic (27) decision box (29) in the Figure shows the options if regular patterns consistent with malicious attacks are found or not found in the barcode data. If, “yes”, there are regular patterns, then the scan wedge (21) is configured to instruct the keyboard buffer (22 b) to insert an error message in the running application (32). For example, the error message may be: “Warning, the barcode data has been flagged as malicious, would you like to accept it anyway?”, or something similar. If, “no”, the regular patterns are not found, then the barcode scan data is loaded into the keyboard buffer (22 a) for insertion in the text field (34) of the running application (32) as text.

In an exemplary embodiment illustrated in the FIG. 2, at least one text field property (36) is a readable property of the text field (34). The readable text field property (36) has associated values which describe attributes of the text field (34). These attributes designate whether access to the text field (34) is permitted or not permitted. The scan wedge (21) is provided with the value of the readable text field property (36). The text field property (36) and the associated value are a value pair. The scan wedge (21) is configured to look for the value pairs of the text field property (36). The scan wedge (21) is being further configured to begin or start the barcode scan operation (26) only if the value pair on the text property (36) corresponds to the value pair provided on the scan wedge 21).

The readable text field property (36) describes the text field (34) and is selected from an id, a name, a tag, and other descriptor properties. The means to discriminate is accomplished with programming techniques selected from reflection and introspection. Further, the means to discriminate comprises a white list (23) and a black list (24) provided on the scan wedge (21). The text field properties (36) are values either on the white list (23) or on the black list (24). Values on the white list (23) designate permitted access to the text field (34) by barcode scan data. Values on the black list (24) designate restricted access to the text field (34) by barcode scan data. The scan wedge (21) is configured to interrogate (25) the text field properties (36) and identify whether the text field property (36) values, in this case the Name Property, are on the white list (23) or on the black list (24). In the figure, the value pair for the Name text field Property is “Name=Wedge”. This value pair is on the white list (23). Therefore the scan wedge (21) allows the barcode scan operation to begin.

Referring now to FIG. 3, the system (31) is depicted schematically in the case where once again the readable text field property (36) describes the text field (34) and is selected from an id, a name, a tag, and other descriptor properties. The means to discriminate is accomplished with programming techniques selected from reflection and introspection. Further, the means to discriminate comprises a white list (23) and a black list (24) provided on the scan wedge (21). The text field properties (36) are values either on the white list (23) or on the black list (24). Values on the white list (23) designate permitted access to the text field (34) by barcode scan data. Values on the black list (24) designate restricted access to the text field (34) by barcode scan data. The scan wedge (21) is configured to interrogate (25) the text field properties (36) and identify whether the text field property (36) values, in this case the Name Property, are on the white list (23) or on the black list (24). In the current figure, the Name property (36) has value pair of Name=No Wedge. This value pair is on the black list (24) of the scan wedge (21). Thus the text field (34) restricts access to bar code scan data. The scan wedge (21) is configured in this case to shut down and cause an error message to be loaded on the keyboard buffer (22). The keyboard buffer will insert the error message as text in the running application (32) on the visual display (not shown). The error message may be for example, “This field does not permit scan wedge data”, or the like.

The present invention embraces a method for regulating the injection of barcode scan data into an application running on a smart device. The smart device may be a smart phone, tablet, or the like. Generally, a smart device proper to the present invention will have certain components as depicted schematically and described hereinbefore in conjunction with FIG. 1.

In an exemplary embodiment of the present invention, a method is schematically depicted as a flow chart in FIG. 4. Referring now to FIG. 4, the method (40) comprises the steps of: (41) running an application on a smart device, (42) inspecting the running application with a scan wedge, (43) finding a text field within the application having focus with the scan wedge, (44) reviewing and cross-referencing properties of the text field with the scan wedge, (45) determining if barcode data can be deposited in the text field based on the properties reviewed, (46) commencing a barcode scan if the determining step shows that barcode data is permitted, and closing the scan wedge application if the determining step shows that barcode data is not permitted. The method may further comprise the step of (51) displaying an error message in the text field of the running application if the determining step shows that barcode data is not permitted.

In a further exemplary embodiment of the method (40) shown in the present Figure, if the (46) commencing step is permitted, the method (40) further comprises the steps of: (47) inspecting barcode scan data for regular patterns of malicious attacks, (48) loading the barcode scan data into the keyboard buffer, and (49)inserting the barcode scan data as text in the text field of the running application if no regular patterns are found in the (47) inspecting barcode scan data step. If regular patterns are found in the (47) inspecting barcode scan data step, the method (40) further comprises the step of (50) displaying an error message on visual display as text.

In an exemplary embodiment of the invention, the scan wedge is provided with logic, and the (47) inspecting barcode scan data step is accomplished using the logic.

In yet another exemplary embodiment of the invention, the scan wedge is provided with programming capabilities selected from reflection and introspection, and (42) the inspecting step, the (43) finding step, and the (44)reviewing step are accomplished using the programming techniques.

In yet another exemplary embodiment of the invention, the scan wedge is provided with a white list and a black list. The text field properties are values either on the white list or on the black list. The values on the white list designate permitted access to the text field by barcode scan data. Values on the black list designate restricted access to the text field by barcode scan data. The (44) reviewing step is accomplished by cross-referencing the text field property values with the white list and black list on the scan wedge. Thus, barcode data can be inserted in a text field in the (49) inserting data step if the (45) determining step shows the text field property value is on the white list of the scan wedge. Contrarily, barcode data cannot be deposited in a text field if the (45) determining step shows the text field property value is on the black list of the scan wedge.

To supplement the present disclosure, this application incorporates entirely by reference the following commonly assigned patents, patent application publications, and patent applications:

-   U.S. Pat. No. 6,832,725; U.S. Pat. No. 7,128,266; -   U.S. Pat. No. 7,159,783; U.S. Pat. No. 7,413,127; -   U.S. Pat. No. 7,726,575; U.S. Pat. No. 8,294,969; -   U.S. Pat. No. 8,317,105; U.S. Pat. No. 8,322,622; -   U.S. Pat. No. 8,366,005; U.S. Pat. No. 8,371,507; -   U.S. Pat. No. 8,376,233; U.S. Pat. No. 8,381,979; -   U.S. Pat. No. 8,390,909; U.S. Pat. No. 8,408,464; -   U.S. Pat. No. 8,408,468; U.S. Pat. No. 8,408,469; -   U.S. Pat. No. 8,424,768; U.S. Pat. No. 8,448,863; -   U.S. Pat. No. 8,457,013; U.S. Pat. No. 8,459,557; -   U.S. Pat. No. 8,469,272; U.S. Pat. No. 8,474,712; -   U.S. Pat. No. 8,479,992; U.S. Pat. No. 8,490,877; -   U.S. Pat. No. 8,517,271; U.S. Pat. No. 8,523,076; -   U.S. Pat. No. 8,528,818; U.S. Pat. No. 8,544,737; -   U.S. Pat. No. 8,548,242; U.S. Pat. No. 8,548,420; -   U.S. Pat. No. 8,550,335; U.S. Pat. No. 8,550,354; -   U.S. Pat. No. 8,550,357; U.S. Pat. No. 8,556,174; -   U.S. Pat. No. 8,556,176; U.S. Pat. No. 8,556,177; -   U.S. Pat. No. 8,559,767; U.S. Pat. No. 8,599,957; -   U.S. Pat. No. 8,561,895; U.S. Pat. No. 8,561,903; -   U.S. Pat. No. 8,561,905; U.S. Pat. No. 8,565,107; -   U.S. Pat. No. 8,571,307; U.S. Pat. No. 8,579,200; -   U.S. Pat. No. 8,583,924; U.S. Pat. No. 8,584,945; -   U.S. Pat. No. 8,587,595; U.S. Pat. No. 8,587,697; -   U.S. Pat. No. 8,588,869; U.S. Pat. No. 8,590,789; -   U.S. Pat. No. 8,596,539; U.S. Pat. No. 8,596,542; -   U.S. Pat. No. 8,596,543; U.S. Pat. No. 8,599,271; -   U.S. Pat. No. 8,599,957; U.S. Pat. No. 8,600,158; -   U.S. Pat. No. 8,600,167; U.S. Pat. No. 8,602,309; -   U.S. Pat. No. 8,608,053; U.S. Pat. No. 8,608,071; -   U.S. Pat. No. 8,611,309; U.S. Pat. No. 8,615,487; -   U.S. Pat. No. 8,616,454; U.S. Pat. No. 8,621,123; -   U.S. Pat. No. 8,622,303; U.S. Pat. No. 8,628,013; -   U.S. Pat. No. 8,628,015; U.S. Pat. No. 8,628,016; -   U.S. Pat. No. 8,629,926; U.S. Pat. No. 8,630,491; -   U.S. Pat. No. 8,635,309; U.S. Pat. No. 8,636,200; -   U.S. Pat. No. 8,636,212; U.S. Pat. No. 8,636,215; -   U.S. Pat. No. 8,636,224; U.S. Pat. No. 8,638,806; -   U.S. Pat. No. 8,640,958; U.S. Pat. No. 8,640,960; -   U.S. Pat. No. 8,643,717; U.S. Pat. No. 8,646,692; -   U.S. Pat. No. 8,646,694; U.S. Pat. No. 8,657,200; -   U.S. Pat. No. 8,659,397; U.S. Pat. No. 8,668,149; -   U.S. Pat. No. 8,678,285; U.S. Pat. No. 8,678,286; -   U.S. Pat. No. 8,682,077; U.S. Pat. No. 8,687,282; -   U.S. Pat. No. 8,692,927; U.S. Pat. No. 8,695,880; -   U.S. Pat. No. 8,698,949; U.S. Pat. No. 8,717,494; -   U.S. Pat. No. 8,717,494; U.S. Pat. No. 8,720,783; -   U.S. Pat. No. 8,723,804; U.S. Pat. No. 8,723,904; -   U.S. Pat. No. 8,727,223; U.S. Pat. No. D702,237; -   U.S. Pat. No. 8,740,082; U.S. Pat. No. 8,740,085; -   U.S. Pat. No. 8,746,563; U.S. Pat. No. 8,750,445; -   U.S. Pat. No. 8,752,766; U.S. Pat. No. 8,756,059; -   U.S. Pat. No. 8,757,495; U.S. Pat. No. 8,760,563; -   U.S. Pat. No. 8,763,909; U.S. Pat. No. 8,777,108; -   U.S. Pat. No. 8,777,109; U.S. Pat. No. 8,779,898; -   U.S. Pat. No. 8,781,520; U.S. Pat. No. 8,783,573; -   U.S. Pat. No. 8,789,757; U.S. Pat. No. 8,789,758; -   U.S. Pat. No. 8,789,759; U.S. Pat. No. 8,794,520; -   U.S. Pat. No. 8,794,522; U.S. Pat. No. 8,794,526; -   U.S. Pat. No. 8,798,367; U.S. Pat. No. 8,807,431; -   U.S. Pat. No. 8,807,432; U.S. Pat. No. 8,820,630; -   International Publication No. 2013/163789; -   International Publication No. 2013/173985; -   International Publication No. 2014/019130; -   International Publication No. 2014/110495; -   U.S. Patent Application Publication No. 2008/0185432; -   U.S. Patent Application Publication No. 2009/0134221; -   U.S. Patent Application Publication No. 2010/0177080; -   U.S. Patent Application Publication No. 2010/0177076; -   U.S. Patent Application Publication No. 2010/0177707; -   U.S. Patent Application Publication No. 2010/0177749; -   U.S. Patent Application Publication No. 2011/0202554; -   U.S. Patent Application Publication No. 2012/0111946; -   U.S. Patent Application Publication No. 2012/0138685; -   U.S. Patent Application Publication No. 2012/0168511; -   U.S. Patent Application Publication No. 2012/0168512; -   U.S. Patent Application Publication No. 2012/0193423; -   U.S. Patent Application Publication No. 2012/0203647; -   U.S. Patent Application Publication No. 2012/0223141; -   U.S. Patent Application Publication No. 2012/0228382; -   U.S. Patent Application Publication No. 2012/0248188; -   U.S. Patent Application Publication No. 2013/0043312; -   U.S. Patent Application Publication No. 2013/0056285; -   U.S. Patent Application Publication No. 2013/0070322; -   U.S. Patent Application Publication No. 2013/0075168; -   U.S. Patent Application Publication No. 2013/0082104; -   U.S. Patent Application Publication No. 2013/0175341; -   U.S. Patent Application Publication No. 2013/0175343; -   U.S. Patent Application Publication No. 2013/0200158; -   U.S. Patent Application Publication No. 2013/0256418; -   U.S. Patent Application Publication No. 2013/0257744; -   U.S. Patent Application Publication No. 2013/0257759; -   U.S. Patent Application Publication No. 2013/0270346; -   U.S. Patent Application Publication No. 2013/0278425; -   U.S. Patent Application Publication No. 2013/0287258; -   U.S. Patent Application Publication No. 2013/0292475; -   U.S. Patent Application Publication No. 2013/0292477; -   U.S. Patent Application Publication No. 2013/0293539; -   U.S. Patent Application Publication No. 2013/0293540; -   U.S. Patent Application Publication No. 2013/0306728; -   U.S. Patent Application Publication No. 2013/0306730; -   U.S. Patent Application Publication No. 2013/0306731; -   U.S. Patent Application Publication No. 2013/0307964; -   U.S. Patent Application Publication No. 2013/0308625; -   U.S. Patent Application Publication No. 2013/0313324; -   U.S. Patent Application Publication No. 2013/0313325; -   U.S. Patent Application Publication No. 2013/0341399; -   U.S. Patent Application Publication No. 2013/0342717; -   U.S. Patent Application Publication No. 2014/0001267; -   U.S. Patent Application Publication No. 2014/0002828; -   U.S. Patent Application Publication No. 2014/0008430; -   U.S. Patent Application Publication No. 2014/0008439; -   U.S. Patent Application Publication No. 2014/0025584; -   U.S. Patent Application Publication No. 2014/0027518; -   U.S. Patent Application Publication No. 2014/0034734; -   U.S. Patent Application Publication No. 2014/0036848; -   U.S. Patent Application Publication No. 2014/0039693; -   U.S. Patent Application Publication No. 2014/0042814; -   U.S. Patent Application Publication No. 2014/0049120; -   U.S. Patent Application Publication No. 2014/0049635; -   U.S. Patent Application Publication No. 2014/0061305; -   U.S. Patent Application Publication No. 2014/0061306; -   U.S. Patent Application Publication No. 2014/0063289; -   U.S. Patent Application Publication No. 2014/0066136; -   U.S. Patent Application Publication No. 2014/0067692; -   U.S. Patent Application Publication No. 2014/0070005; -   U.S. Patent Application Publication No. 2014/0071840; -   U.S. Patent Application Publication No. 2014/0074746; -   U.S. Patent Application Publication No. 2014/0075846; -   U.S. Patent Application Publication No. 2014/0076974; -   U.S. Patent Application Publication No. 2014/0078341; -   U.S. Patent Application Publication No. 2014/0078342; -   U.S. Patent Application Publication No. 2014/0078345; -   U.S. Patent Application Publication No. 2014/0084068; -   U.S. Patent Application Publication No. 2014/0097249; -   U.S. Patent Application Publication No. 2014/0098792; -   U.S. Patent Application Publication No. 2014/0100774; -   U.S. Patent Application Publication No. 2014/0100813; -   U.S. Patent Application Publication No. 2014/0103115; -   U.S. Patent Application Publication No. 2014/0104413; -   U.S. Patent Application Publication No. 2014/0104414; -   U.S. Patent Application Publication No. 2014/0104416; -   U.S. Patent Application Publication No. 2014/0104451; -   U.S. Patent Application Publication No. 2014/0106594; -   U.S. Patent Application Publication No. 2014/0106725; -   U.S. Patent Application Publication No. 2014/0108010; -   U.S. Patent Application Publication No. 2014/0108402; -   U.S. Patent Application Publication No. 2014/0108682; -   U.S. Patent Application Publication No. 2014/0110485; -   U.S. Patent Application Publication No. 2014/0114530; -   U.S. Patent Application Publication No. 2014/0124577; -   U.S. Patent Application Publication No. 2014/0124579; -   U.S. Patent Application Publication No. 2014/0125842; -   U.S. Patent Application Publication No. 2014/0125853; -   U.S. Patent Application Publication No. 2014/0125999; -   U.S. Patent Application Publication No. 2014/0129378; -   U.S. Patent Application Publication No. 2014/0131438; -   U.S. Patent Application Publication No. 2014/0131441; -   U.S. Patent Application Publication No. 2014/0131443; -   U.S. Patent Application Publication No. 2014/0131444; -   U.S. Patent Application Publication No. 2014/0131445; -   U.S. Patent Application Publication No. 2014/0131448; -   U.S. Patent Application Publication No. 2014/0133379; -   U.S. Patent Application Publication No. 2014/0136208; -   U.S. Patent Application Publication No. 2014/0140585; -   U.S. Patent Application Publication No. 2014/0151453; -   U.S. Patent Application Publication No. 2014/0152882; -   U.S. Patent Application Publication No. 2014/0158770; -   U.S. Patent Application Publication No. 2014/0159869; -   U.S. Patent Application Publication No. 2014/0160329; -   U.S. Patent Application Publication No. 2014/0166755; -   U.S. Patent Application Publication No. 2014/0166757; -   U.S. Patent Application Publication No. 2014/0166759; -   U.S. Patent Application Publication No. 2014/0166760; -   U.S. Patent Application Publication No. 2014/0166761; -   U.S. Patent Application Publication No. 2014/0168787; -   U.S. Patent Application Publication No. 2014/0175165; -   U.S. Patent Application Publication No. 2014/0175169; -   U.S. Patent Application Publication No. 2014/0175172; -   U.S. Patent Application Publication No. 2014/0175174; -   U.S. Patent Application Publication No. 2014/0191644; -   U.S. Patent Application Publication No. 2014/0191913; -   U.S. Patent Application Publication No. 2014/0197238; -   U.S. Patent Application Publication No. 2014/0197239; -   U.S. Patent Application Publication No. 2014/0197304; -   U.S. Patent Application Publication No. 2014/0203087; -   U.S. Patent Application Publication No. 2014/0204268; -   U.S. Patent Application Publication No. 2014/0214631; -   U.S. Patent Application Publication No. 2014/0217166; -   U.S. Patent Application Publication No. 2014/0217180; -   U.S. patent application Ser. No. 13/367,978 for a Laser Scanning     Module Employing an Elastomeric U-Hinge Based Laser Scanning     Assembly, filed Feb. 7, 2012 (Feng et al.); -   U.S. patent application Ser. No. 29/436,337 for an Electronic     Device, filed Nov. 5, 2012 (Fitch et al.); -   U.S. patent application Ser. No. 13/771,508 for an Optical     Redirection Adapter, filed Feb. 20, 2013 (Anderson); -   U.S. patent application Ser. No. 13/852,097 for a System and Method     for Capturing and Preserving Vehicle Event Data, filed Mar. 28, 2013     (Barker et al.); -   U.S. patent application Ser. No. 13/902,110 for a System and Method     for Display of Information Using a Vehicle-Mount Computer, filed May     24, 2013 (Hollifield); -   U.S. patent application Ser. No. 13/902,144, for a System and Method     for Display of Information Using a Vehicle-Mount Computer, filed May     24, 2013 (Chamberlin); -   U.S. patent application Ser. No. 13/902,242 for a System For     Providing A Continuous Communication Link With A Symbol Reading     Device, filed May 24, 2013 (Smith et al.); -   U.S. patent application Ser. No. 13/912,262 for a Method of Error     Correction for 3D Imaging Device, filed Jun. 7, 2013 (Jovanovski et     al.); -   U.S. patent application Ser. No. 13/912,702 for a System and Method     for Reading Code Symbols at Long Range Using Source Power Control,     filed Jun. 7, 2013 (Xian et al.); -   U.S. patent application Ser. No. 29/458,405 for an Electronic     Device, filed Jun. 19, 2013 (Fitch et al.); -   U.S. patent application Ser. No. 13/922,339 for a System and Method     for Reading Code Symbols Using a Variable Field of View, filed Jun.     20, 2013 (Xian et al.); -   U.S. patent application Ser. No. 13/927,398 for a Code Symbol     Reading System Having Adaptive Autofocus, filed Jun. 26, 2013     (Todeschini); -   U.S. patent application Ser. No. 13/930,913 for a Mobile Device     Having an Improved User Interface for Reading Code Symbols, filed     Jun. 28, 2013 (Gelay et al.); -   U.S. patent application Ser. No. 29/459,620 for an Electronic Device     Enclosure, filed Jul. 2, 2013 (London et al.); -   U.S. patent application Ser. No. 29/459,681 for an Electronic Device     Enclosure, filed Jul. 2, 2013 (Chaney et al.); -   U.S. patent application Ser. No. 13/933,415 for an Electronic Device     Case, filed Jul. 2, 2013 (London et al.); -   U.S. patent application Ser. No. 29/459,785 for a Scanner and     Charging Base, filed Jul. 3, 2013 (Fitch et al.); -   U.S. patent application Ser. No. 29/459,823 for a Scanner, filed     Jul. 3, 2013 (Zhou et al.); -   U.S. patent application Ser. No. 13/947,296 for a System and Method     for Selectively Reading Code Symbols, filed Jul. 22, 2013     (Rueblinger et al.); -   U.S. patent application Ser. No. 13/950,544 for a Code Symbol     Reading System Having Adjustable Object Detection, filed Jul. 25,     2013 (Jiang); -   U.S. patent application Ser. No. 13/961,408 for a Method for     Manufacturing Laser Scanners, filed Aug. 7, 2013 (Saber et al.); -   U.S. patent application Ser. No. 14/018,729 for a Method for     Operating a Laser Scanner, filed Sep. 5, 2013 (Feng et al.); -   U.S. patent application Ser. No. 14/019,616 for a Device Having     Light Source to Reduce Surface Pathogens, filed Sep. 6, 2013     (Todeschini); -   U.S. patent application Ser. No. 14/023,762 for a Handheld Indicia     Reader Having Locking Endcap, filed Sep. 11, 2013 (Gannon); -   U.S. patent application Ser. No. 14/035,474 for Augmented-Reality     Signature Capture, filed Sep. 24, 2013 (Todeschini); -   U.S. patent application Ser. No. 29/468,118 for an Electronic Device     Case, filed Sep. 26, 2013 (Oberpriller et al.); -   U.S. patent application Ser. No. 14/055,234 for Dimensioning System,     filed Oct. 16, 2013 (Fletcher); -   U.S. patent application Ser. No. 14/053,314 for Indicia Reader,     filed Oct. 14, 2013 (Huck); -   U.S. patent application Ser. No. 14/065,768 for Hybrid System and     Method for Reading Indicia, filed Oct. 29, 2013 (Meier et al.); -   U.S. patent application Ser. No. 14/074,746 for Self-Checkout     Shopping System, filed Nov. 8, 2013 (Hejl et al.); -   U.S. patent application Ser. No. 14/074,787 for Method and System     for Configuring Mobile Devices via NFC Technology, filed Nov. 8,     2013 (Smith et al.); -   U.S. patent application Ser. No. 14/087,190 for Optimal Range     Indicators for Bar Code Validation, filed Nov. 22, 2013 (Hejl); -   U.S. patent application Ser. No. 14/094,087 for Method and System     for Communicating Information in an Digital Signal, filed Dec. 2,     2013 (Peake et al.); -   U.S. patent application Ser. No. 14/101,965 for High Dynamic-Range     Indicia Reading System, filed Dec. 10, 2013 (Xian); -   U.S. patent application Ser. No. 14/150,393 for Indicia-reader     Having Unitary Construction Scanner, filed Jan. 8, 2014 (Colavito et     al.); -   U.S. patent application Ser. No. 14/154,207 for Laser Barcode     Scanner, filed Jan. 14, 2014 (Hou et al.); -   U.S. patent application Ser. No. 14/165,980 for System and Method     for Measuring Irregular Objects with a Single Camera filed Jan. 28,     2014 (Li et al.); -   U.S. patent application Ser. No. 14/166,103 for Indicia Reading     Terminal Including Optical Filter filed Jan. 28, 2014 (Lu et al.); -   U.S. patent application Ser. No. 14/200,405 for Indicia Reader for     Size-Limited Applications filed Mar. 7, 2014 (Feng et al.); -   U.S. patent application Ser. No. 14/231,898 for Hand-Mounted     Indicia-Reading Device with Finger Motion Triggering filed Apr. 1,     2014 (Van Horn et al.); -   U.S. patent application Ser. No. 14/250,923 for Reading Apparatus     Having Partial Frame Operating Mode filed Apr. 11, 2014, (Deng et     al.); -   U.S. patent application Ser. No. 14/257,174 for Imaging Terminal     Having Data Compression filed Apr. 21, 2014, (Barber et al.); -   U.S. patent application Ser. No. 14/257,364 for Docking System and     Method Using Near Field Communication filed Apr. 21, 2014     (Showering); -   U.S. patent application Ser. No. 14/264,173 for Autofocus Lens     System for Indicia Readers filed Apr. 29, 2014 (Ackley et al.); -   U.S. patent application Ser. No. 14/274,858 for Mobile Printer with     Optional Battery Accessory filed May 12, 2014 (Marty et al.); -   U.S. patent application Ser. No. 14/277,337 for MULTIPURPOSE OPTICAL     READER, filed May 14, 2014 (Jovanovski et al.); -   U.S. patent application Ser. No. 14/283,282 for TERMINAL HAVING     ILLUMINATION AND FOCUS CONTROL filed May 21, 2014 (Liu et al.); -   U.S. patent application Ser. No. 14/300,276 for METHOD AND SYSTEM     FOR CONSIDERING INFORMATION ABOUT AN EXPECTED RESPONSE WHEN     PERFORMING SPEECH RECOGNITION, filed Jun. 10, 2014 (Braho et al.); -   U.S. patent application Ser. No. 14/305,153 for INDICIA READING     SYSTEM EMPLOYING DIGITAL GAIN CONTROL filed Jun. 16, 2014 (Xian et     al.); -   U.S. patent application Ser. No. 14/310,226 for AUTOFOCUSING OPTICAL     IMAGING DEVICE filed Jun. 20, 2014 (Koziol et al.); -   U.S. patent application Ser. No. 14/327,722 for CUSTOMER FACING     IMAGING SYSTEMS AND METHODS FOR OBTAINING IMAGES filed Jul. 10, 2014     (Oberpriller et al,); -   U.S. patent application Ser. No. 14/327,827 for a MOBILE-PHONE     ADAPTER FOR ELECTRONIC TRANSACTIONS, filed Jul. 10, 2014 (Hejl); -   U.S. patent application Ser. No. 14/329,303 for CELL PHONE READING     MODE USING IMAGE TIMER filed Jul. 11, 2014 (Coyle); -   U.S. patent application Ser. No. 14/333,588 for SYMBOL READING     SYSTEM WITH INTEGRATED SCALE BASE filed Jul. 17, 2014 (Barten); -   U.S. patent application Ser. No. 14/334,934 for a SYSTEM AND METHOD     FOR INDICIA VERIFICATION, filed Jul. 18, 2014 (Hejl); -   U.S. patent application Ser. No. 14/336,188 for METHOD OF AND SYSTEM     FOR DETECTING OBJECT WEIGHING INTERFERENCES, Filed Jul. 21, 2014     (Amundsen et al.); -   U.S. patent application Ser. No. 14/339,708 for LASER SCANNING CODE     SYMBOL READING SYSTEM, filed Jul. 24, 2014 (Xian et al.); -   U.S. patent application Ser. No. 14/340,627 for an AXIALLY     REINFORCED FLEXIBLE SCAN ELEMENT, filed Jul. 25, 2014 (Rueblinger et     al.); -   U.S. patent application Ser. No. 14/340,716 for an OPTICAL IMAGER     AND METHOD FOR CORRELATING A MEDICATION PACKAGE WITH A PATIENT,     filed Jul. 25, 2014 (Ellis); -   U.S. patent application Ser. No. 14/342,544 for Imaging Based     Barcode Scanner Engine with Multiple Elements Supported on a Common     Printed Circuit Board filed Mar. 4, 2014 (Liu et al.); -   U.S. patent application Ser. No. 14/345,735 for Optical Indicia     Reading Terminal with Combined Illumination filed Mar. 19, 2014     (Ouyang); -   U.S. patent application Ser. No. 14/336,188 for METHOD OF AND SYSTEM     FOR DETECTING OBJECT WEIGHING INTERFERENCES, Filed Jul. 21, 2014     (Amundsen et al.); -   U.S. patent application Ser. No. 14/355,613 for Optical Indicia     Reading Terminal with Color Image Sensor filed May 1, 2014 (Lu et     al.); -   U.S. patent application Ser. No. 14/370,237 for WEB-BASED SCAN-TASK     ENABLED SYSTEM AND METHOD OF AND APPARATUS FOR DEVELOPING AND     DEPLOYING THE SAME ON A CLIENT-SERVER NETWORK filed Jul. 2, 2014     (Chen et al.); -   U.S. patent application Ser. No. 14/370,267 for INDUSTRIAL DESIGN     FOR CONSUMER DEVICE BASED SCANNING AND MOBILITY, filed Jul. 2, 2014     (Ma et al.); -   U.S. patent application Ser. No. 14/376,472, for an ENCODED     INFORMATION READING TERMINAL INCLUDING HTTP SERVER, filed Aug. 4,     2014 (Lu); -   U.S. patent application Ser. No. 14/379,057 for METHOD OF USING     CAMERA SENSOR INTERFACE TO TRANSFER MULTIPLE CHANNELS OF SCAN DATA     USING AN IMAGE FORMAT filed Aug. 15, 2014 (Wang et al.); -   U.S. patent application Ser. No. 14/452,697 for INTERACTIVE INDICIA     READER, filed Aug. 6, 2014 (Todeschini); -   U.S. patent application Ser. No. 14/453,019 for DIMENSIONING SYSTEM     WITH GUIDED ALIGNMENT, filed Aug. 6, 2014 (Li et al.); -   U.S. patent application Ser. No. 14/460,387 for APPARATUS FOR     DISPLAYING BAR CODES FROM LIGHT EMITTING DISPLAY SURFACES filed Aug.     15, 2014 (Van Horn et al.); -   U.S. patent application Ser. No. 14/460,829 for ENCODED INFORMATION     READING TERMINAL WITH WIRELESS PATH SELECTON CAPABILITY, filed Aug.     15, 2014 (Wang et al.); -   U.S. patent application Ser. No. 14/462,801 for MOBILE COMPUTING     DEVICE WITH DATA COGNITION SOFTWARE, filed on Aug. 19, 2014     (Todeschini et al.); -   U.S. patent application Ser. No. 14/446,387 for INDICIA READING     TERMINAL PROCESSING PLURALITY OF FRAMES OF IMAGE DATA RESPONSIVELY     TO TRIGGER SIGNAL ACTIVATION filed Jul. 30, 2014 (Wang et al.); -   U.S. patent application Ser. No. 14/446,391 for MULTIFUNCTION POINT     OF SALE APPARATUS WITH OPTICAL SIGNATURE CAPTURE filed Jul. 30, 2014     (Good et al.); -   U.S. patent application Ser. No. 29/486,759 for an Imaging Terminal,     filed Apr. 2, 2014 (Oberpriller et al.); -   U.S. patent application Ser. No. 29/492,903 for an INDICIA SCANNER,     filed Jun. 4, 2014 (Zhou et al.); and -   U.S. patent application Ser. No. 29/494,725 for an IN-COUNTER     BARCODE SCANNER, filed Jun. 24, 2014 (Oberpriller et al.).

In the specification and/or figures, typical embodiments of the invention have been disclosed. The present invention is not limited to such exemplary embodiments. The use of the term “and/or” includes any and all combinations of one or more of the associated listed items. The figures are schematic representations and so are not necessarily drawn to scale. Unless otherwise noted, specific terms have been used in a generic and descriptive sense and not for purposes of limitation. 

1. A system for regulating the injection of barcode scan data into an application running on a smart device, comprising: a running application on a smart device, the application having text fields; the text fields each having text field properties; the text field properties being designated to either accept access or restrict access to each of the text fields from barcode scan data; a keyboard buffer; a scan wedge having access to the keyboard buffer, the scan wedge being provided with means to discriminate between access and restricted access designations in the text field properties; the means to discriminate being configured to interrogate the text field properties to determine if the text field permits access to barcode scan data; the scan wedge being configured to begin a barcode scan operation if the text field permits access to barcode scan data; the scan wedge being configured to load barcode scan data into the keyboard buffer; and the keyboard buffer being configured to display the barcode scan data as text in the text field of the application.
 2. The system of claim 1, wherein the scan wedge is provided with logic to recognize patterns in barcode scan data, the scan wedge being further configured to inspect the barcode scan data for regular patterns consistent with malicious attacks, the scan wedge being configured to instruct the keyboard buffer to insert an error message in the running application if the regular patterns are found.
 3. The system of claim 1, wherein at least one of the text field properties being a readable property of the text field, the readable property having associated values which describe attributes of the text field; the attributes designating whether access to the text field is permitted or not permitted; the scan wedge being provided with the value of the readable property, the property and the associated property being a value pair; the scan wedge being configured to look for the value pairs of the text field property; the scan wedge being further configured to begin the barcode scan operation only if the value pair on the text property corresponds to the value pair provided on the scan wedge.
 4. The system of claim 3, wherein the readable property describes the text field and is selected from an id, a name, a tag, and other descriptor properties.
 5. The system of claim 1, wherein the means to discriminate is accomplished with programming techniques selected from reflection and introspection.
 6. The system of claim 1, wherein the scan wedge is configured to close if the text field restricts access to barcode scan data.
 7. The system of claim 6, wherein the scan wedge is configured to load an error message in the keyboard buffer if the text field restricts access to barcode scan data; and the keyboard buffer is configured to display the error message in the text field of the running application.
 8. The system of claim 1, wherein the means to discriminate comprises a white list and a black list provided on the scan wedge; and wherein the text field properties being values either on the white list or on the black list, values on the white list designating permitted access to the text field by barcode scan data, values on the black list designating restricted access to the text field by barcode scan data; and wherein, the scan wedge is configured to interrogate the text field properties and identify whether the text field property values are on the white list or on the black list.
 9. The system of claim 1, wherein the application is native on the smart device.
 10. The system of claim 1, wherein the application is a web application running in a browser on the smart device.
 11. A method of regulating the injection of barcode scan data into a running application on a smart device, comprising the steps of: i. running an application on a smart device, the application having at least one text field, the text field having text field properties, the text field properties designating whether bar code scan data is permitted or not permitted in the text field; ii. inspecting the running application with a scan wedge; iii. finding the text field within the application having focus with the scan wedge; iv. reviewing and cross-referencing properties of the text field with the scan wedge; and v. determining if barcode data can be deposited in the text field based on the properties reviewed.
 12. The method of claim 11, further comprising the step of: commencing a barcode scan if the determining step shows that barcode data is permitted.
 13. The method of claim 12, further comprising the steps of: inspecting barcode scan data for regular patterns of malicious attacks; loading the barcode scan data into the keyboard buffer, and inserting the barcode scan data as text in the text field of the running application if no regular patterns are found in the inspecting barcode scan data step; and displaying an error message if regular patterns are found in the inspecting barcode scan data step.
 14. The method of claim 11, further comprising: closing the scan wedge application if the determining step shows that barcode data is not permitted.
 15. The method of claim 14, further comprising the step of: displaying an error message.
 16. The method of claim 11, wherein the scan wedge is provided with programming capabilities selected from reflection and introspection, and wherein the inspecting step, the finding step, and the reviewing step are accomplished using the programming techniques.
 17. The method of claim 13, wherein the scan wedge is provided with logic, and the inspecting barcode scan data step is accomplished using the logic.
 18. The method of claim 11, wherein the scan wedge is provided with a white list and a black list; and wherein the text field properties being values either on the white list or on the black list; values on the white list designating permitted access to the text field by barcode scan data, values on the black list designating restricted access to the text field by barcode scan data; and wherein, the reviewing step is accomplished by cross-referencing the text field property values with the white list and black list on the scan wedge.
 19. The method of claim 18, wherein barcode data can be deposited in a text field if the determining step shows the text field property value is on the white list of the scan wedge.
 20. The method of claim 18, wherein barcode data cannot be deposited in a text field if the determining step shows the text field property value is on the black list of the scan wedge. 